diff --git a/IPython/html/notebookapp.py b/IPython/html/notebookapp.py
index 9df60d1..536aee5 100644
--- a/IPython/html/notebookapp.py
+++ b/IPython/html/notebookapp.py
@@ -505,7 +505,11 @@ class NotebookApp(BaseIPythonApplication):
     tornado_settings = Dict(config=True,
             help="Supply overrides for the tornado.web.Application that the "
                  "IPython notebook uses.")
-
+    
+    ssl_options = Dict(config=True,
+            help="""Supply SSL options for the tornado HTTPServer.
+            See the tornado docs for details.""")
+    
     jinja_environment_options = Dict(config=True, 
             help="Supply extra arguments that will be passed to Jinja environment.")
     
@@ -826,11 +830,13 @@ class NotebookApp(BaseIPythonApplication):
             self.log, self.base_url, self.default_url, self.tornado_settings,
             self.jinja_environment_options
         )
+        ssl_options = self.ssl_options
         if self.certfile:
-            ssl_options = dict(certfile=self.certfile)
-            if self.keyfile:
-                ssl_options['keyfile'] = self.keyfile
-        else:
+            ssl_options['certfile'] = self.certfile
+        if self.keyfile:
+            ssl_options['keyfile'] = self.keyfile
+        if not ssl_options:
+            # None indicates no SSL config
             ssl_options = None
         self.login_handler_class.validate_security(self, ssl_options=ssl_options)
         self.http_server = httpserver.HTTPServer(self.web_app, ssl_options=ssl_options,
diff --git a/docs/source/whatsnew/pr/ssl-options.rst b/docs/source/whatsnew/pr/ssl-options.rst
new file mode 100644
index 0000000..734824c
--- /dev/null
+++ b/docs/source/whatsnew/pr/ssl-options.rst
@@ -0,0 +1,4 @@
+* add ``NotebookApp.ssl_options`` config value.
+  This is passed through to tornado HTTPServer,
+  and allows SSL configuration beyong specifying a cert and key,
+  such as disabling SSLv3.